netns

package
v0.5.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 13, 2016 License: Apache-2.0, Apache-2.0 Imports: 7 Imported by: 0

README

netns - network namespaces in go

The netns package provides an ultra-simple interface for handling network namespaces in go. Changing namespaces requires elevated privileges, so in most cases this code needs to be run as root.

Local Build and Test

You can use go get command:

go get github.com/vishvananda/netns

Testing (requires root):

sudo -E go test github.com/vishvananda/netns

Example

package main

import (
    "net"
    "runtime"
    "github.com/vishvananada/netns"
)

func main() {
    // Lock the OS Thread so we don't accidentally switch namespaces
    runtime.LockOSThread()
    defer runtime.UnlockOSThread()

    // Save the current network namespace
    origns, _ := netns.Get()
    defer origns.Close()

    // Create a new network namespace
    newns, _ := netns.New()
    defer newns.Close()

    // Do something with tne network namespace
    ifaces, _ := net.Interfaces()
    fmt.Printf("Interfaces: %v\n", ifaces)

    // Switch back to the original namespace
    netns.Set(origns)
}

Documentation

Overview

Package netns allows ultra-simple network namespace handling. NsHandles can be retrieved and set. Note that the current namespace is thread local so actions that set and reset namespaces should use LockOSThread to make sure the namespace doesn't change due to a goroutine switch. It is best to close NsHandles when you are done with them. This can be accomplished via a `defer ns.Close()` on the handle. Changing namespaces requires elevated privileges, so in most cases this code needs to be run as root.

Index

Constants

View Source
const (
	// These constants belong in the syscall library but have not been
	// added yet.
	CLONE_NEWUTS  = 0x04000000 /* New utsname group? */
	CLONE_NEWIPC  = 0x08000000 /* New ipcs */
	CLONE_NEWUSER = 0x10000000 /* New user namespace */
	CLONE_NEWPID  = 0x20000000 /* New pid namespace */
	CLONE_NEWNET  = 0x40000000 /* New network namespace */
	CLONE_IO      = 0x80000000 /* Get io context */
)
View Source
const (
	SYS_SETNS = 308
)

Variables

This section is empty.

Functions

func Set

func Set(ns NsHandle) (err error)

Set sets the current network namespace to the namespace represented by NsHandle.

func Setns

func Setns(ns NsHandle, nstype int) (err error)

Setns sets namespace using syscall. Note that this should be a method in syscall but it has not been added.

Types

type NsHandle

type NsHandle int

NsHandle is a handle to a network namespace. It can be cast directly to an int and used as a file descriptor.

func Get

func Get() (NsHandle, error)

Get gets a handle to the current threads network namespace.

func GetFromDocker

func GetFromDocker(id string) (NsHandle, error)

GetFromDocker gets a handle to the network namespace of a docker container. Id is prefixed matched against the running docker containers, so a short identifier can be used as long as it isn't ambiguous.

func GetFromName

func GetFromName(name string) (NsHandle, error)

GetFromName gets a handle to a named network namespace such as one created by `ip netns add`.

func GetFromPath

func GetFromPath(path string) (NsHandle, error)

GetFromPath gets a handle to a network namespace identified by the path

func GetFromPid

func GetFromPid(pid int) (NsHandle, error)

GetFromPid gets a handle to the network namespace of a given pid.

func GetFromThread

func GetFromThread(pid, tid int) (NsHandle, error)

GetFromThread gets a handle to the network namespace of a given pid and tid.

func New

func New() (ns NsHandle, err error)

New creates a new network namespace and returns a handle to it.

func None

func None() NsHandle

Get an empty (closed) NsHandle

func (*NsHandle) Close

func (ns *NsHandle) Close() error

Close closes the NsHandle and resets its file descriptor to -1. It is not safe to use an NsHandle after Close() is called.

func (NsHandle) Equal

func (ns NsHandle) Equal(other NsHandle) bool

Equal determines if two network handles refer to the same network namespace. This is done by comparing the device and inode that the file descripors point to.

func (NsHandle) IsOpen

func (ns NsHandle) IsOpen() bool

IsOpen returns true if Close() has not been called.

func (NsHandle) String

func (ns NsHandle) String() string

String shows the file descriptor number and its dev and inode.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL